Account gets locked for 10 minutes

Is it just me, or do others also feel that this default behavior is not appropriate? Imagine you use Manjaro at work, go to lunch break, come back to your desk right before an important meeting is scheduled, mistype your 30-char password (yes, 30 chars), then your account is locked. As a consequence you must either
a) lose work and context
b) lose time
c) be late for the meeting

Probably all a), b) and c) will happen due to this default account locking feature.

Proposal: by default it should not lock the account.

Original thread (now locked and for some reason not linkable):

  • Account gets locked for 10 minutes after 3 failed attempts

You can’t link or post images because you don’t have appropriate Trust Level yet.

I feel like it is appropriate to avoid ‘real life brute force’. You can configure the behavior though if you feel like it is not for your use case.

Personally, for what it’s worth, I like it a lot. I like that it’s security and privacy first.

People will always go through your stuff, whether because of curiosity or malice, we have no way of knowing. And the risk of someone snooping is greater the more people are present, for example in a work environment, as you mentioned.

The best you can do is make it hard to difficult for them, exactly what this does.